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DETAILED ACTION 
Continued Examination Under 37 CFR 1.114 
A request for continued examination under 37 CFR 1.114, including the fee set forth in 
37 CFR 1.17(e), was filed in this application after final rejection. Since this application is 
eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) 
has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 
37 CFR 1.1 14. Applicant's submission filed on 18 June 2007 has been entered. 

Status of Claims 

This communication is in response to remarks and amendments filed as noted above. 
Claims 1, 30 35, 41, 43 and 48 have been currently amended. Claims 3, 9, 42 and 50 have been 
canceled. New claims 77-84 have been added. Thus claims 1,2, 4-8, 10-41, 43-49 and 51-84 
remain pending. 

Election/Restrictions 

Newly submitted claims 77-84 directed to an invention that is independent or distinct 
fi-om the invention originally claimed for the following reasons: the newly added claims are 
directed to a jurisdiction verification system is directed to determining and verifying the 
geographical location of the client device based upon the challenge/response. Although the 
claims may present a combination/subcombination, the claims would be classified in 369/24.02. 

Since applicant has received an action on the merits for the originally presented 
invention, this invention has been constructively elected by original presentation for prosecution 
on the merits. Accordingly, claims 77-84 are withdrawn from consideration as being directed to 
a non-elected invention. See 37 CFR 1.142(b) and MPEP § 821.03. 
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Response to Arguments 
Applicant's arguments with respect to amended claims have been considered but they are 
not persuasive. Applicant argues that the cited reference fails to disclose a "challenge and 
response system for authenticating the location of a user (response p. 17-18)." The examiner 
respectfully disagrees because Goertzel discloses that authentication occurs at least in part based 
upon user credentials. The reference discloses "To create a restricted token 124, a process calls 
the CreateRestrictedToken API with appropriate flag settings and/or information in the input 
fields, which in turn invokes the NtFilterToken API. As represented beginning at step 900 of 
FIG. 9A, the NtFilterToken API checks to see if a flag named DISABLE_MAX_SIDS is set, 
which indicates that all Security IDs for groups in the new, restricted token 124 should be 
marked as USE_FOR_DENY_ONLY. The flag provides a convenient way to restrict the 
(possibly many) groups in a token without needing to individually identify each of the groups. If 
the flag is set, step 900 branches to step 902 which sets a bit indicating SE_FOR_DENY__ONLY 
on each of the group security IDs in the new token 124. Furthermore, the security ID input of 
the cited reference also serves as a challenge response mechanism, as claimed. 

Applicant further argues that Shaffer does not teach or suggest a "first number 
authentication (response p. 19)." The examiner points to Shaffer's teaching with regards to 
developing a spatial key wherein a challenge/response system is utilized in the determination of 
the location information. 

Claim Rejections - 35 USC §103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 
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(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

Claims 1, 2, 4-8,10-21, 23, 24, 26-41,43-49 and 51-68 and 70-76 are rejected under 35 
U.S.C. 103(a) as being unpatentable over Goertzel et al. (hereinafter Goertzel, US 6,308,273 
Bl) in view of Shaffer et al. (hereinafter Shaffer), US 7,167,553 B2. 
1 . Goertzel discloses a system for enabling remote access to an application server, upon 
authentication of a location from which a user has sought access as an authorized location, for 
enabling processing of a transaction requiring user location authentication, wherein the user 
location includes means for enabling the user to request remote access to the application server, 
the system comprising (column 1, line 55-column 2, line 13): 

• an access server, for receiving and processing a request for access to the application 
server from a user request enabling means, the server adapted to be located remote from 
the user's location (figure 4, 68 remote access server); 

• an authenticator for authenticating the location of the user responsive to receipt of a 
processed request from the access server, the authenticator including a challenge and 
response system for authenticating the location of the user and the authenticator adapted 
to be connected to the access server, (figure 4, 71 location detection mechanism); 

• means for interconnecting the access server and the authenticator (column 5, figure 5A-B, 
528 lookup number in database; column 7, line 55-column 8, line 4). 

Goertzel does not explicitly disclose a first number authentication mechanism, wherein the 
first number authentication mechanism provides anti-circumvention protection that determines a 
physical location of an originating number to prevent the user from connecting to the access 
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server from a physical location other than the user location and wherein the first number 
authenticating system relies on user input and does not rely on GPS. 

Shaffer, however, teaches a communication system and method wherein the location of a 
remote user is determined (columns 16-17). Furthermore, Shaffer utilizes ANI, DNIS and 
geographic identifier in order to determine the identity and location of the caller (see also 
columns 25-29). 

It would have been obvious to one of ordinary skill in the art, at the time of the invention to 
modify the security location discrimination system and methods disclosed by Goertzel and 
further utilize the location determination mechanism of Shaffer, in order to prevent unauthorized 
and illegal access and only service authorized locations, as per teaching of Shaffer (column 1-2). 

Goertzel further discloses : 

2. The system of claim 1, wherein the authenticator comprises an authenticating server 
(figure 14 and associated text). 

3. Canceled. 

4. The system of claim 1, further comprising means for insuring the user's presence at the 
location (colvmin 10, lines 38-52)). 

5. 44. The system of claim 1, further comprising means for enabling the user to request remote 
access to the application server (figure 1 and associated text, 49 remote computer). 
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6. The system of claim 1, wherein the interconnecting means comprise a network (figure 1 
and associated text). 

7,45. The system of claim 2, wherein the authenticating server includes a database of 
authorized locations, for enabling verification of the location of the user as an authorized user 
location (figure 4, database or registered numbers 74) 

8. The system of claim 2, wherein the authenticating server comprises a Remote Access 
Dial-In User Service (RADIUS) server (figure 5B). 

36. The system of claim 3, wherein the user identity determining means comprise a challenge 
and response system (column 16, lines 35-47; figure 13). 

10,42,57. The system of claim 4, wherein the user presence insuring means 

comprise a card for identifying the user, and a reader for reading the user identifying card, 

adapted to be connected to the user access request enabling means at the user location (column 3- 

4). 



1 1 . The system of claim 5, wherein the user request enabling means comprise an interface 
station (figure 1 and associated text, API 36, monitor 47). 
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12. The system of claim 5, wherein the user request enabling means comprise a client 
(column 4, lines 5-49). 

13. The system of claim 5, wherein the user request enabling means include a location 
identifier (column 4, lines 50-column 6, line 50). 

14. 37. The system of claim 5, wherein the authenticating means are adapted to issue a security 
challenge to the user request enabling means, and the user request enabling means are further 
adapted to interrogate the security challenge, to generate a response, and to transmit the response 
to the authenticator (column 16-17). 

15. 46. The system of claim 5, wherein the user request enabling means include an identifier 
associated with the user's location, and the authenticator comprises means for authenticating the 
identifier associated with the user's location (column 4, lines 50-column 6, line 50). 

16. The system of claim 5, wherein the user request enabling means include a dialer, located 
at the user's location, and wherein the dialer includes a number associated therewith (Figure 5B) 

17. 47. The system of claim 5, wherein the user request enabling means comprise a plurality of 
user request enabling means, and the interconnecting means comprise a network comprising an 
intranet which includes at least one local area network, adapted to interconnect at least one of the 
plurality of user request enabling means and the access server (figures 1, 2, and associated text). 
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1 8. The system of claim 5, wherein the interconnecting means are further adapted to 
interconnect the user request enabling means (figure 1, 2 and associated text). 

19. The system of claim 6, wherein the network comprises an intranet (figure 2 and 
associated text). 

20. The system of claim 6, wherein the network comprises the Internet (figure 2 and 
associated text). 

21. 38. The system of claim 8, further comprising means for enabling the user to request remote 
access to the application server, wherein the authenticating server is further adapted to issue a 
security challenge to the user request enabling means (see above cited corresponding sections). 

23, 31. The system of claim 16, wherein the authenticator comprises a number identifier for 
identifying the number associated with the dialer located at the user's location (see above cited 
corresponding sections). 

24, 32. The system of claim 16, wherein a dialing system includes a plurality of numbers each 
associated with one of a plurality of dialers adapted to enable dialing therefrom and each dialer 
associated with a different user location, and the authenticator further comprises means for 
identifying the first number dialed from in the dialing system (column 1). 
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26, 39. The system of claim 21, wherein the user request enabling means are adapted to issue a 
response to the security challenge, and the authenticating means include a database for enabling 
verification of the response of the user request enabling means to the security challenge (see 
above cited corresponding sections). 

27, 33. The system of claim 23, wherein the nimiber identifier comprises Automatic Number 
Identification (column 7, lines 55-59). 

28, 34. The system of claim 24, wherein the first number identifying means comprises Dialed 
Number Identification Services (Figure 5B). 

29, 40. The system of claim 26, wherein the authenticator is further adapted to verify the 
response of the user request enabling means to the security challenge based on the database in 
the authenticator, and to authorize access to the application server (see above cited corresponding 
sections). 

30, 35. Goertzel discloses a system for enabling remote access to an application server, upon 
authentication of a location from which a user has sought access as an authorized location, for 
enabling processing of a transaction requiring user location authentication, wherein the user 
location includes means for enabling the user to request remote access to the application server, 
the system comprising: 



Application/Control Number: 10/033,716 Page 10 

Art Unit: 3621 

• an access server, for receiving and processing a request for access to the application 
server from a user request enabling means, the server adapted to be located remote from 
the user's location (see above cited corresponding sections); 

• an authenticator for authenticating the location of the user responsive to lOreceipt of the 
processed request from the access server, the authenticator adapted to be connected to the 
access server, the authenticator including a Remote Access DiaMn Service (RADIUS) 
server and a challenge and response system for authenticating the location of the user (see 
above cited corresponding sections); 

• means for interconnecting the access server and the authenticator (see above cited 
corresponding sections); and 

• means for enabling the user to request remote access to the application server, such 
means including a dialer, located at the user's location, wherein the dialer includes a 
dialing number associated therewith; and (see above cited corresponding sections) 

Gpertzel does not explicitly disclose a first number authentication mechanism, wherein the 
first number authentication mechanism provides anti-circumvention protection that determines a 
physical location of an originating number to prevent the user from connecting to the access 
server from a physical location other than the user location and wherein the first number 
authenticating system is a non-global positioning satellite system. 

Shaffer, however, teaches a communication system and method wherein the location of a 
remote user is determined (columns 16-17). Furthermore, Shaffer utilizes ANI, DNIS and 
geographic identifier in order to determine the identity and location of the caller (see also 
columns 25-29). 
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It would have been obvious to one of ordinary skill in the art, at the time of the invention to 
modify the security location discrimination system and methods disclosed by Goertzel and 
further utilize the location determination mechanism of Shaffer, in order to prevent unauthorized 
and illegal access and only service authorized locations, as per teaching of Shaffer (column 1-2). 

41 . Goertzel discloses a system for enabling remote access to an application server, upon 
authentication of a location from which a user has sought access as an authorized location, for 
enabling processing of a transaction requiring user location authentication, wherein the user 
location includes means for enabling the user to request remote access to the application server, 
the system comprising: 

• an access server, for receiving and processing a request for access to the application 
server from a user request enabling means, the server adapted to be located remote from 
the user's location (see above cited corresponding sections); 

• an authenticator for authenticating the location of the user with a challenge and response 
system adapted to be connected to the access server (see above cited corresponding 
sections); 

• a means for interconnecting the access server and the authenticator (see above cited 
corresponding sections); 

• a means for insuring the user's presence at the location that comprises a card for 
identifying the user and a reader for reading the user identifying card, the reader adapted 
to be connected to the user access request enabling means at the user location; (see above 
cited corresponding sections). 
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Goertzel does not explicitly disclose a first number authentication mechanism, wherein the 
first number authentication mechanism provides anti-circumvention protection that determines a 
physical location of an originating number to prevent the user from connecting to the access 
server from a physical location other than the user location and wherein the first number 
authenticating system is a non-global positioning satellite system. 

Shaffer, however, teaches a communication system and method wherein the location of a 
remote user is determined (columns 16-17). Furthermore, Shaffer utilizes ANI, DNIS and 
geographic identifier in order to determine the identity and location of the caller (see also 
columns 25-29). 

It would have been obvious to one of ordinary skill in the art, at the time of the invention to 
modify the security location discrimination system and methods disclosed by Goertzel and 
further utilize the location determination mechanism of Shaffer, in order to prevent unauthorized 
and illegal access and only service authorized locations, as per teaching of Shaffer (column 1-2). 

43. Goertzel discloses a system for enabling remote access to an application server, upon 
authentication of a location from which a user has sought access as an authorized location, for 
enabling processing of a transaction requiring user location authentication, wherein the user 
location includes means for enabling the user to request remote access to the application server, 
the system comprising: 

• an access server, for receiving and processing a request for access to the application 
server from a user request enabling means, the server adapted to be located remote from 
the user^s location (see above cited corresponding sections); 
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• an authenticating server for authenticating the location of the user responsive to receipt of 
the processed request from the access server via a challenge and response system, the 
authenticating server adapted to be connected to the access server (see above cited 
corresponding sections); and 

• a network for interconnecting the access server and the authenticating server (see above 
cited corresponding sections) 

Goertzel does not explicitly disclose a first number authentication mechanism, w^herein the 
first number authentication mechanism provides anti-circumvention protection that determines a 
physical location of an originating number to prevent the user from connecting to the access 
server from a physical location other than the user location and wherein the first number 
authenticating system is a non-global positioning satellite system. 

Shaffer, however, teaches a communication system and method wherein the location of a 
remote user is determined (columns 16-17). Furthermore, Shaffer utilizes ANI, DNIS and 
geographic identifier in order to determine the identity and location of the caller (see also 
columns 25-29). 

It would have been obvious to one of ordinary skill in the art, at the time of the invention to 
modify the security location discrimination system and methods disclosed by Goertzel and 
further utilize the location determination mechanism of Shaffer, in order to prevent unauthorized 
and illegal access and only service authorized locations, as per teaching of Shaffer (column 1-2). 

48. Goertzel discloses a method of enabling remote access to an application server, upon 
authentication of a location from which a user has sought access thereto as an authorized 
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location, for enabling processing of a transaction requiring user location authentication, wherein 
the user location includes means for enabling the user to request remote access to the application 
server, in a system which comprises an access server, for receiving and processing a request for 
access to the application server from user request enabling means, adapted to be located remote 
from the user's location, an authenticator for authenticating the identity and the location of the 
user responsive to receipt of the processed request from the access server, adapted to be 
connected to the access server, and means for interconnecting the access server and the 
authenticator, wherein the method comprises: 

• requesting an access server to enable a user tat a user's location to access the application 
server (see above cited corresponding sections) 

• authenticating the location of the user via the authenticator (see above cited 
corresponding sections); 

• authenticating the identity of the user via the authenticator; and 

• determining in the authenticator whether to enable the user to access the application 
server based on the authenticating of the user's location (see above cited corresponding 
sections); and 

Goertzel does not explicitly disclose a first number authentication mechanism, wherein the 
first number authentication mechanism provides anti-circumvention protection that determines a 
physical location of an originating number to prevent the user from connecting to the access 
server from a physical location other than the user location and wherein the first number 
authenticating system is a non-global positioning satellite system. 
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Shaffer, however, teaches a communication system and method wherein the location of a 
remote user is determined (columns 16-17). Furthermore, Shaffer utilizes ANI, DNIS and 
geographic identifier in order to determine the identity and location of the caller (see also 
columns 25-29). 

It would have been obvious to one of ordinary skill in the art, at the time of the invention to 
modify the security location discrimination system and methods disclosed by Goertzel and 
further utilize the location determination mechanism of Shaffer, in order to prevent unauthorized 
and illegal access and only service authorized locations, as per teaching of Shaffer (column 1-2). 

Claims 22, 25 and 69 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Goertzel et al. (hereinafter Goertzel), U.S. Patent 6,508,710 Bl. 

Goertzel discloses a system/method for enabling remote access to an application server, upon 
authentication of a location from which a user has sought access as an authorized location, for 
enabling processing of a transaction requiring user location authentication, wherein the user 
location includes means for enabling the user to request remote access to the application server, 
the system comprising (column 1, line 55-column 2, line 13): 

• an access server, for receiving and processing a request for access to the application 
server from a user request enabling means, the server adapted to be located remote from 
the user's location (figure 4, 68 remote access server); 

• an authenticator for authenticating the location of the user responsive to receipt of a 
processed request from the access server, the authenticator adapted to be connected to the 
access server (figure 4, 71 location detection mechanism); 
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• means for interconnecting the access server and the authenticator (column 5, figure 5A-B, 
528 lookup number in database; column 7, line 55-column 8, line 4). 

Goertzel does not explicitly disclose a first number authentication mechanism, wherein the 
first number authentication mechanism provides anti-circumvention protection that determines a 
physical location of an originating number to prevent the user from connecting to the access 
server from a physical location other than the user location. 

Shaffer, however, teaches a communication system and method wherein the location of a 
remote user is determined (columns 16-17). Furthermore, Shaffer utilizes ANI, DNIS and 
geographic identifier in order to determine the identity and location of the caller (see also 
columns 25-29). 

It would have been obvious to one of ordinary skill in the art, at the time of the invention 
to modify the security location discrimination system and methods disclosed by Goertzel and 
fiirther utilize the location determination mechanism of Shaffer, in order to prevent unauthorized 
and illegal access and only service authorized locations, as per teaching of Shaffer (column 1-2). 

A cookie is a block of data that a server returns to a client in response to a request fi-om 
the client and commonly used to identify a user and is thus old and well known in the computer 
art. It would have been obvious to one of ordinary skill in the art at the time of the invention to 
implement a cookie as part of the authentication process to efficiently verify the location 
information of a returning user for enabling access. 

US references 6,715,080; 6,606,708; 6,51 1,339 further support the examiner's contention 
that the use of a cookie for the above noted purpose is well-knovm in the art. 
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Corresponding claims 49 and 51-76 are directed to a method of the above claimed 
invention and are therefore rejected as above. 

Although the Examiner has pointed out particular references contained in the prior art(s) of 
record in the body of this action, the specified citations are merely representative of the 
teachings in the art as applied to the specific limitations within the individual claim. Since 
other passages and figures may apply to the claimed invention as well, it is respectfully 
requested that the applicant, in preparing the response, to consider fully the entire references 
as potentially teaching all or part of the claimed invention, as well as the context of the 
passage as taught by the prior arts or disclosed by the examiner. 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Bradley B. Bayat whose telephone number is 571-272-6704. The 
examiner can normally be reached on Tuesday-Friday 8 a.m.-6:30 p.m.. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Andrew Fischer can be reached on 571-272-6779. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 




Bradley B. Bayat 
Primary Examiner 
Art Unit 3621 



